<?php
    include_once("../db_config.php");
    session_start();
    # 数量查询
    function num($db_table,$table_name,$value){

        # 数据库查询
            if ($table_name != NULL){
                $query = mysql_query("SELECT * FROM $db_table WHERE $table_name = '$value' ");
              }
            else{
                $query = mysql_query("SELECT * FROM $db_table ");
            }

        # 查询行数
        $num = mysql_num_rows($query);

        echo $num;
  }

    # 供应商查询
    function gys_query(){

        # 数据库查询
        $query = mysql_query("SELECT * FROM gys ORDER BY id");

        if (!$query)
        {
            echo '<div class="alert alert-danger" role="alert">查询失败，请联系管理员!</div>';
        }
        else if ($num = mysql_num_rows($query) > 0)
            {
                 while($row=mysql_fetch_assoc($query))
                 {
                     echo '<tr>';
                     echo "<td>".$row['id']."</td>";
                     echo "<td>".$row['name']."</td>";
                     echo "<td>".$row['type']."</td>";
                     echo "<td>".$row['call_main']."</td>";
                     echo "<td>".$row['call_bk']."</td>";
                     echo "<td>".$row['addr']."</td>";
                     echo '</tr>';
                 }
             }
             else
             {
                echo'<div class="alert alert-danger" role="alert">没有找到供应商信息,请检查数据库!</div>';
             }
  }# 供应商查询

# 员工查询
    function yg_query(){

        # 数据库查询
        $query = mysql_query("SELECT * FROM user ORDER BY level desc");

        if (!$query)
        {
            echo '<div class="alert alert-danger" role="alert">查询失败，请联系管理员!</div>';
        }
        else if ($num = mysql_num_rows($query) > 0)
            {
                 while($row=mysql_fetch_assoc($query))
                 {
                     echo '<tr>';
                     echo "<td>".$row['entry']."</td>";
                     echo "<td>".$row['name']."</td>";
                     echo "<td id='level_id_".$row['entry']."'>".$row['level']."</td>";
                     switch ($row['level']) {
                       case '0':
                         $name = "没入门";
                         break;
                        case '1':
                         $name = "初入江湖";
                         break;
                        case '2':
                         $name = "游刃有余";
                         break;
                        case '3':
                         $name = "独孤求败";
                         break;
                       
                       default:
                         $name = "什么鬼？";
                         break;
                     }
                     echo "<td id='cw_id_".$row['entry']."'>".$name."</td>";
                     echo "<td>".$row['call_b']."</td>";
                     echo "<td>".$row['username']."</td>";
                     echo '<td style="float: left;">
                        <a id="dislogin" class="btn btn-danger btn-xs" disabled="disabled">禁止登陆</a>
                        <a id="useruplevel" class="btn btn-info btn-xs" disabled="disabled">提升一级</a>';
                        if ($row['level'] == "0") {echo ' <button type="button" id="login_start_'.$row["entry"].'" class="btn btn-success btn-xs" onclick="login_start(this.value)" value='.$row['entry'].' >通过审核</button>';}
                     echo '</td>';
                     echo '</tr>';
                 }
             }
             else
             {
                echo'<div class="alert alert-danger" role="alert">没有找到员工信息,请检查数据库!</div>';
             }
  }# 员工查询

# 租借查询
  function lease_query(){
    $query = mysql_query("SELECT * FROM lease WHERE start = '0' ORDER BY entry desc ");
    $num = mysql_num_rows($query);

    if (!$query) {
      echo "执行错误";
    }
    else if ($num > 0) {
      while($row = mysql_fetch_assoc($query)){
          echo "<tr>";
          echo "<td>".$row["item_name"]."</td>";
          echo "<td>".$row["item_num"]."</td>";
          echo "<td>".$row["item_out_time"]."</td>";
          echo "<td>".$row["item_out_name_ins"]."</td>";
          echo "<td>".$row["item_addr"]."</td>";
          echo "<td>".$row["item_out_name"]."</td>";
          echo "<td>";
          if ($row["item_out_name"] == $_SESSION['username']) {
            echo '<button type="button" class="btn btn-success btn-sm" onclick="lease_ok(this.value)" value="'.$row["entry"].'">确认归还</button>';
          }
          else{
            echo '<p class="text-danger">你无权执行操作</p>';
          }
          echo "</td>";
          echo "</tr>";
      }
    }
  }

  # 日程表查询
  function query_query($value){

        $query = mysql_query("SELECT * FROM query WHERE start=$value ORDER BY  entry desc");
        $num = mysql_num_rows($query);

        if(!$query){
             echo "执行错误";
            }
            else if($num > 0){
                while($log_row = mysql_fetch_assoc($query)){
                  $nnn = $log_row['content'];
                  $str2 = mb_substr($nnn, 0,15,'utf-8'); // 截断文本
                  $num = strlen($nnn);
                  if($value == 0){
                      echo '<tr>';
                      echo '<td style="word-break:break-all;width: 100px;">'.$log_row['time'].'</td>';
                      echo '<td style="word-break:break-all;width: 100px;">'.$log_row['call_main'].'</td>';
                      if ($num > 80) {
                        echo '<td style="word-break:break-all;width: 300px;color:green;">'.$str2.'.....<button class="btn btn-primary btn-xs" data-toggle="modal" data-target="#query-'.$log_row['entry'].'-connent">查看更多</button></td>
                                    <!-- Modal -->
                                    <div class="modal fade bs-example-modal-sm" id="query-'.$log_row['entry'].'-connent" tabindex="-1" role="dialog" aria-labelledby="myModalLabel">
                                      <div class="modal-dialog" role="document">
                                        <div class="modal-content">
                                          <div class="modal-header">
                                            <button type="button" class="close" data-dismiss="modal" aria-label="Close"><span aria-hidden="true">&times;</span></button>
                                            <h4 class="modal-title" id="myModalLabel">更多内容</h4>
                                          </div>
                                          <div class="modal-body">
                                            '.$log_row['content'].'
                                          </div>
                                          <div class="modal-footer">
                                            <button type="button" class="btn btn-primary" data-dismiss="modal">关闭</button>
                                          </div>
                                        </div>
                                      </div>
                                    </div>
                        ';
                      }
                      else {
                        echo '<td style="word-break:break-all;width: 300px;">'.$log_row['content'].'</td>';
                      }
                      if ($log_row['content-new'] == NULL){
                         echo '<td style="word-break:break-all;width: 300px;">无</td>';
                      }
                      else {
                         echo '<td style="color:red;width: 300px;">'.$log_row['content-new'].'</td>';
                      }
                      echo '<td style="word-break:break-all;width: 100px;">'.$log_row['addr'].'</td>';
                      echo '<td style="word-break:break-all;width: 100px;">'.$log_row['name'].'</td>';
                      echo '<td style="word-break:break-all;width: 100px;">'.$log_row['newname'].'</td>';
                      echo '<td style="word-break:break-all;width: 50px;">'.$log_row['pri'].'</td>';
                      echo '<td style="word-break:break-all;width: 240px;">
                      <button type="submit" class="btn btn-success btn-xs query_ok" onclick="query_ok(this.value)"  value='.$log_row['entry'].'>确认完成</button>
                      <button type="submit" class="btn btn-info btn-xs query_new" data-toggle="modal" data-target="#query-'.$log_row['entry'].'">后续任务</button>

                      <div class="modal fade" id="query-'.$log_row['entry'].'" tabindex="-1" role="dialog" aria-labelledby="myModalLabel" aria-hidden="true">
                        <div class="modal-dialog">
                          <div class="modal-content">
                             <div class="modal-header">
                                <button type="button" class="close" data-dismiss="modal" aria-label="Close"><span aria-hidden="true">&times;</span></button>
                                   <h4 class="modal-title" id="myModalLabel">添加任务后续跟踪</h4>
                             </div>
                             <div class="modal-body">
                                   <form class="form" role="form">
                                      <div class="form-group">
                                         <label for="exampleInputTexi">后续任务说明</label>
                                            <input type="Texi" class="form-control query-new-connent" id="query-'.$log_row['entry'].'connent" placeholder="发生什么了？" >
                                      </div>
                                      <div class="form-group">
                                         <label for="exampleInputTexi">价格</label>
                                            <input type="Texi" class="form-control query-new-pri" id="query-'.$log_row['entry'].'pri" placeholder="收多少钱" >
                                      </div>
                                      <div class="form-group">
                                         <label for="exampleInputTexi">跟踪人</label>
                                            <input type="Texi" class="form-control query-new-pri" id="query-'.$log_row['entry'].'name" placeholder="你叫什么名字啊？"  disabled="disabled" value="'.$_SESSION['username'].'">
                                      </div>
                                   </form>
                             </div>
                            <div class="modal-footer">
                             <button type="button" class="btn btn-default" data-dismiss="modal">取消</button>
                             <button type="button" class="btn btn-primary query-connent-add" onclick="query_add_new(this.value)"  value='.$log_row['entry'].'>添加</button>
                           </div>
                          </div>
                        </div>
                      </div>

                      <button type="submit" class="btn btn-danger btn-xs query_call" onclick="query_call(this.value)" value='.$log_row['entry'].'>任务取消</button>
                      </td>';
                      echo '</tr>';
                      }
                  if($value == 1){
                      echo '<tr>';
                      echo '<td>'.$log_row['time'].'</td>';
                      echo '<td>'.$log_row['call_main'].'</td>';
                      echo '<td>'.$log_row['content'].'</td>';
                      if ($log_row['content-new'] == NULL){
                         echo "<td>无</td>";
                      }
                      else {
                         echo '<td style="color:red">'.$log_row['content-new'].'</td>';
                      }
                      echo '<td>'.$log_row['addr'].'</td>';
                      echo '<td>'.$log_row['name'].'</td>';
                      echo '<td>'.$log_row['newname'].'</td>';
                      echo '<td>'.$log_row['pri'].'</td>';
                      echo '<td>已完成任务</td>';
                      echo '</tr>';
                      }
                  if($value == 2){
                      echo '<tr>';
                      echo '<td>'.$log_row['time'].'</td>';
                      echo '<td>'.$log_row['call_main'].'</td>';
                      echo '<td>'.$log_row['content'].'</td>';
                      if ($log_row['content-new'] == NULL){
                         echo "<td>无</td>";
                      }
                      else {
                         echo '<td style="color:red">'.$log_row['content-new'].'</td>';
                      }
                      echo '<td>'.$log_row['addr'].'</td>';
                      echo '<td>'.$log_row['name'].'</td>';
                      echo '<td>'.$log_row['newname'].'</td>';
                      echo '<td>'.$log_row['pri'].'</td>';
                      echo '<td>已取消任务</td>';
                      echo '</tr>';
                     }
                }
            }
            else{
                    echo "没有数据";
                }
      }

    # 白露流水
    function item_query(){

        $query = mysql_query("SELECT * FROM item_bailu ORDER BY  time desc");
        $num = mysql_num_rows($query);

        if(!$query){
             echo "执行错误";
            }
            else if($num > 0){
                while($log_row = mysql_fetch_assoc($query)){
                if($log_row['start'] == 0){
                    echo "<tr>";
                    echo '<td>'.$log_row['entry'].'</td>';
                    echo '<td>'.$log_row['time'].'</td>';
                    echo '<td>'.$log_row['item'].'</td>';
                    echo '<td>'.$log_row['price'].'</td>';
                    echo '<td>'.$log_row['name'].'</td>';
                    if($log_row['start'] == 0){
                        echo "<td>未入账</td>";
                        }
                    else if($log_row['start'] == 1){
                        echo "<td>已入账</td>";
                        }
                        else{
                            echo "<td>未知状态！</td>";
                        }
                    echo '<td><button type="submit" class="btn btn-success" onclick="item_ok(this.value)" value='.$log_row['entry'].'>确认入账</button>';
                    echo ' <button type="submit" class="btn btn-danger" onclick="item_delete(this.value)" value='.$log_row['entry'].'>删除单据</button></td>';
                    echo '</tr>';
                    }
                }
            }
            else{
                    echo "没有数据";
                }
      }

    # JS处理
    if(isset($_POST["start"])){

        $start = addslashes($_POST["start"]); # 获取类别

        # 大循环
        switch ($start){

            # 登陆审核
            case "login_start":
              $entry = addslashes($_POST["id"]);
              $query = mysql_query("UPDATE user SET level='1' WHERE entry='$entry'");
              if (!$query) {
                echo "执行错误";
              }
              else {
                echo "审核成功！";
              }
            break;

            # ajax登陆 用户名检测
            case "login-name":
                num("user","name",addslashes($_POST["name"]));
            break;

            # ajax登陆 密码检测
            case "login-pass":

                $name = addslashes($_POST["name"]);
                $pass = addslashes($_POST["pass"]);
                $sha1_pass = sha1(strtoupper($name) . ":" . strtoupper($pass));

                # 用户名、密码检查
               $check = mysql_query("select * from user where name='$name'")  or die (mysql_error());

               $num = mysql_num_rows($check);

                if ($num > 0){
                  while($row = mysql_fetch_assoc($check)){
                      $uid    = $row["entry"];
                      $name = $row["name"];
                      $name1 = $row["username"];
                      $pass = $row["pass"];
                      $level = $row["level"];

                      if ($pass == $sha1_pass){
                        if ($level == 0) {
                          echo "8";
                          exit;
                        }
                        else{
                              $_SESSION['username'] = $name1;
                              $_SESSION['name'] = $name;
                              $_SESSION['userid'] = $uid;
                              $_SESSION['user_level'] = $level;
                              switch ($level){
                                  case "1":
                                      $_SESSION["level"] = "初入江湖";
                                      break;
                                  case "2":
                                      $_SESSION["level"] = "游刃有余";
                                      break;
                                  case "3":
                                      $_SESSION["level"] = "独孤求败";
                                      break;
                              }
                              echo "1 ";
                              exit;
                            }
                          }
                      else {
                              echo "3";
                          }
                   }
                }
                else {
                  echo "0";
                }
            break;

            # 权限刷新
            case 'level_update':
                  $entry = addslashes($_POST["entry"]);
                  $query = mysql_query("SELECT * FROM user WHERE entry='$entry' ");
                  $num = mysql_num_rows($query);
                  if (!$query) {
                    echo "查询错误";
                  }
                  else if ($num > 0) {
                    while($row = mysql_fetch_assoc($query)){
                            echo $row["level"];
                        }
                    }
                    else{
                      echo "找不到数据";
                    }
              break;

              # 称谓刷新
            case 'cw_update':
                  $entry = addslashes($_POST["entry"]);
                  $query = mysql_query("SELECT * FROM user WHERE entry='$entry' ");
                  $num = mysql_num_rows($query);
                  if (!$query) {
                    echo "查询错误";
                  }
                  else if ($num > 0) {
                    while($row = mysql_fetch_assoc($query)){
                            switch ($row['level']) {
                             case '0':
                               $name = "没入门";
                               break;
                              case '1':
                               $name = "初入江湖";
                               break;
                              case '2':
                               $name = "游刃有余";
                               break;
                              case '3':
                               $name = "独孤求败";
                               break;
                             
                             default:
                               $name = "什么鬼？";
                               break;
                           }
                           echo $name;
                        }
                    }
                    else{
                      echo "找不到数据";
                    }
              break;

            # 退出登陆
            case "logout":
              unset($_SESSION['userid']);
              unset($_SESSION['username']);
              session_destroy();
              echo "1";
            break;

            # 注册
            case "reg":
                $name = addslashes($_POST["name"]);
                $pass = addslashes($_POST["pass"]);
                $pass1 = addslashes($_POST["pass1"]);
                $name1 = addslashes($_POST["name1"]);
                $call = addslashes($_POST["call"]);
                $sha1_pass = sha1(strtoupper($name) . ":" . strtoupper($pass1));

                $reg = mysql_query("INSERT INTO `user`(`name`, `pass` , `call_b`, `username`)
                 VALUES ('$name','$sha1_pass','$call','$name1')");

                if (!$reg) {
                  echo "0";
                }
                else{
                  echo "1";
                }
            break;

            # 租借添加
            case "lease-add":
              $item_name = addslashes($_POST["lease_name"]);
              $item_num = addslashes($_POST["lease_num"]);
              $item_out_time = addslashes($_POST["lease_out_time"]);
              $item_out_name_ins = addslashes($_POST["lease_out_name_ins"]);
              $item_addr = addslashes($_POST["lease_addr"]);
              $item_out_name = addslashes($_POST["lease_out_name"]);

              $query = mysql_query(
                "INSERT INTO `lease` (
                  `item_name`,
                  `item_num`,
                  `item_out_time`,
                  `item_out_name_ins`,
                  `item_addr`,
                  `item_out_name`
                  )
                VALUES (
                  '$item_name',
                  '$item_num',
                  '$item_out_time',
                  '$item_out_name_ins',
                  '$item_addr',
                  '$item_out_name'
                  )")or die(mysql_error());
                  if (!$query) {
                    echo "0";
                  }
                  else{
                    echo "1";
                  }
              break;

            # 日程表刷新
            case "query-query":
                query_query("0");
            break;

            # 已完成任务刷新
            case "query-ok-query":
                query_query("1");
            break;

            # 取消任务刷新
            case "query-call-query":
                query_query("2");
            break;

            # 客户数量刷新
            case "kh-query":
                num("user_info");
            break;

            # 任务数量刷新
            case "query-num0":
                echo num('query','start','0');
            break;

            # 任务数量刷新
            case "query-num1":
                num('query','start','1');
            break;

            # 任务数量刷新
            case "query-num2":
                num('query','start','2');
            break;

            # 白露流水账刷新
            case "item-query":
                item_query();
            break;

            # 今日消费刷新
            case "item-time-num":
                num('item_bailu','time',date('Ymd',time()));
            break;

            # 单据确认刷新
            case "item-ok-num":
                num('item_bailu','start','1');
            break;

            # 单据取消刷新
            case "item-call-num":
                num('item_bailu','start','2');
            break;

            # 未入账刷新
            case "item-no-num":
                num('item_bailu','start','0');
            break;

            # 供应商数据更新
            case "gys-query":
                gys_query();
            break;

            # 租借刷新
            case "query-lease":
                lease_query();
            break;

            # 租借数据刷新
            case 'query-lease-num-ok':
                  num('lease','start','1');
            break;

            # 租借数据刷新
            case 'query-lease-num-no':
                  num('lease','start','0');
            break;

            # 租借归还
            case "lease_ok":
              $id = addslashes($_POST["id"]);
              $time = date('Ymd',time());
              $query = mysql_query("UPDATE lease SET start='1'  , item_ins_time = '$time' WHERE entry='$id'") or die(mysql_error());
              if (!$query) {
                echo "归还失败！";
              }
              else{
                echo "归还成功！";
              }
            break;
            
            # 客户信息添加
            case "kh_add":
                $name          = addslashes($_POST["kh_name"]);
                $call_main   = addslashes($_POST["kh_call"]);
                $call_bk        = addslashes($_POST["kh_callbk"]);
                $time            = addslashes($_POST["kh_time"]);
                $addr            = addslashes($_POST["kh_addr"]);
                $pri                = addslashes($_POST["kh_pri"]);

                if ($call_main != NULL){

                    $user_info_add = mysql_query("INSERT INTO user_info (`name`,`call_main`,`call_bk`,`time`,`addr`,`money`)

                    VALUES ('$name','$call_main','$call_bk','$time','$addr','$pri')")or die (mysql_error());

                    if (!$user_info_add) {
                        echo "添加失败!";
                    }
                    else{
                        echo "添加成功";
                    }
                }
                else {
                    echo $addr;
                }
            break;

            # 客户信息查询
            case "search_kh":

                $type         = addslashes($_POST["kh_type"]); // 查询类型
                $search     = addslashes($_POST["kh_search"]); // 查询值

                if ($type == "all"){
                    $query = mysql_query("SELECT * FROM user_info");
                    }
                else {
                    $query = mysql_query("SELECT * FROM user_info WHERE $type like '%$search%'");
                    }

                $num = mysql_num_rows($query);

                if($query){
                    if ($num > 0){
                        while($row = mysql_fetch_assoc($query)){
                            echo '<tr>';
                            echo '<td>'.$row['name'].'</td>';
                            echo '<td>'.$row['call_main'].'</td>';
                            echo '<td>'.$row['call_bk'].'</td>';
                            echo '<td>'.$row['time'].'</td>';
                            echo '<td>'.$row['addr'].'</td>';
                            echo '<td>'.$row['money'].'</td>';
                            echo '</tr>';
                        }
                    }
                    else {
                        echo "0";
                    }
                }
                break; #客户信息结束

                # 供应商添加
                case "gys_add":
                    $type       = addslashes($_POST["type"]);
                    $name       = addslashes($_POST["user"]);
                    $call_main  = addslashes($_POST["call_main"]);
                    $call_bk    = addslashes($_POST["call_bk"]);
                    $addr       = addslashes($_POST["addr"]);

                    if ($call_main != NULL){

                        $gys_add = mysql_query("INSERT INTO gys (`type`,`name`,`call_main`,`call_bk`,`addr`)

                        VALUES ('$type','$name','$call_main','$call_bk','$addr')")or die (mysql_error());

                            if (!$gys_add) {
                                echo "添加失败!";
                            }
                            else {
                                echo "添加成功!";
                            }
                        }
                        else {
                            echo "电话必须要填写至少1个!";
                        }
                break;

                # 配置添加
                case "pc_config_submit":

                    # 获取配置型号
                   $main_board    = addslashes($_POST[main_board]);
                   $cpu                 = addslashes($_POST[cpu]);
                   $memory          = addslashes($_POST[memory]);
                   $gpu                 = addslashes($_POST[gpu]);
                   $disk                = addslashes($_POST[disk]);
                   $power            = addslashes($_POST[power]);
                   $row                 = addslashes($_POST[row]);
                   $display             = addslashes($_POST[display]);
                   $mouse           = addslashes($_POST[mouse]);
                   $keyboard      = addslashes($_POST[keyboard]);
                   $stereo              = addslashes($_POST[stereo]);

                   # 获取当前型号的价格
                   $p_main_board  = addslashes($_POST[p_main_board]);
                   $p_cpu         = addslashes($_POST[p_cpu]);
                   $p_memory      = addslashes($_POST[p_memory]);
                   $p_gpu         = addslashes($_POST[p_gpu]);
                   $p_disk        = addslashes($_POST[p_disk]);
                   $p_power       = addslashes($_POST[p_power]);
                   $p_row         = addslashes($_POST[p_row]);
                   $p_display     = addslashes($_POST[p_display]);
                   $p_mouse       = addslashes($_POST[p_mouse]);
                   $p_keyboard    = addslashes($_POST[p_keyboard]);
                   $p_stereo      = addslashes($_POST[p_stereo]);

                   $level         = addslashes($_POST[pc_1]);
                   $cpu_type      = addslashes($_POST[cpu_type]);

                   $tp            = $p_main_board+$p_cpu+$p_memory+$p_gpu+$p_disk+$p_power+$p_row+$p_display+$p_mouse+$p_keyboard+$p_stereo;

                   $pc_add = mysql_query("INSERT INTO `config` (`cname`, `main_board`, `cpu`, `memory`, `gpu`, `disk`, `power`, `row`, `display`, `mouse`, `keyboard`,`stereo`,
                   `p_main_board`, `p_cpu`, `p_memory`, `p_gpu`, `p_disk`, `p_power`, `p_row`, `p_display`, `p_mouse`, `p_keyboard`, `p_stereo`, `cpu_type`, `tp`) VALUES
                   ('$level', '$main_board', '$cpu', '$memory', '$gpu', '$disk', '$power', '$row', '$display', '$mouse', '$keyboard', '$stereo',
                   '$p_main_board', '$p_cpu', '$p_memory', '$p_gpu', '$p_disk', '$p_power', '$p_row', '$p_display', '$p_mouse', '$p_keyboard', '$p_stereo', '$cpu_type', '$tp')")  or die (mysql_error());


                    if (!$pc_add){
                      echo "<script language='javascript'>alert('添加失败！');</script>";
                    }
                    else{
                        echo "<script language='javascript'>alert('添加成功！');</script>";
                    }
                break; # 配置添加结束

                # 添加任务
                case "query_add":
                    $time      = addslashes($_POST["query_time"]);
                    $call       = addslashes($_POST["query_call"]);
                    $content    = addslashes($_POST["query_content"]);
                    $addr       = addslashes($_POST["query_addr"]);
                    $name      = addslashes($_POST["query_name"]);

                    if ($call != NULL){

                        $query_add = mysql_query("INSERT INTO query (`time`,`call_main`,`content`,`addr`,`name`)

                        VALUES ('$time','$call','$content','$addr','$name')");

                        if (!$query_add) {
                            echo "添加失败!";
                        }
                         else{
                            echo "添加成功！";
                        }
                    }
                    else {

                        echo "电话必须要填写!";
                    }
                break;

                # 添加任务跟踪
                case "query_add_new":
                    $start            = addslashes($_POST["entry"]);
                    $connent     = addslashes($_POST["queryconnent"]);
                    $pri                = addslashes($_POST["querypri"]);
                    $name          = addslashes($_POST["username"]);

                    $query = mysql_query("update `query` set `content-new`='$connent',`pri`='$pri' ,`newname` = '$name' where `entry`=$start; ");

                    if(!$query) {
                        echo "更新失败";
                    }
                    else {
                        echo "更新成功";
                    }
                break;

                # 任务确认完成
                case "query_ok":
                    $start = addslashes($_POST["entry"]);

                    $query = mysql_query("UPDATE query SET start='1' WHERE entry='$start'");

                    if(!$query) {
                        echo "确认失败！";
                    }
                    else{
                        echo "成功确认！";
                    }
                break;

                # 任务取消
                case "query_call":
                    $start = addslashes($_POST["entry"]);

                    $query = mysql_query("UPDATE query SET start = '2' WHERE entry = '$start'");

                    if(!$query) {
                       echo "取消失败";
                    }
                    else {
                       echo "取消成功";
                    }
                break;

                # 添加单据
                case "item_add":
                    $time      = addslashes($_POST["itemtime"]);
                    $item       = addslashes($_POST["item"]);
                    $price   = addslashes($_POST["price"]);
                    $name       = addslashes($_POST["name"]);

                    if ($item != NULL){

                        $item_add = mysql_query("INSERT INTO item_bailu (`time`,`item`,`price`,`name`)

                        VALUES ('$time','$item','$price','$name')")or die (mysql_error());

                        if (!$item_add) {
                            echo "添加失败!";
                        }
                        else{
                            echo "添加成功！";
                        }
                    }
                    else {

                        echo "物品名称必须要填写!";
                    }
                break;

                # 单据确认入账
                case "item_ok":
                    $start = addslashes($_POST["entry"]);

                    $query = mysql_query("UPDATE item_bailu SET start='1' WHERE entry='$start'");

                    if(!$query){
                        echo "失败";
                    }
                    else{
                        echo "成功入账！";
                    }
                break;

                # 单据删除
                case "item_delete":
                    $start = addslashes($_POST["entry"]);

                    $query = mysql_query("UPDATE item_bailu SET start='2'  WHERE entry = '$start'");

                    if(!$query) {
                        echo "删除失败";
                    }
                    else {
                        echo "成功删除";
                    }
                break;
        }# 大循环结束

    }

?>
